The Supreme Court’s decision today in Carpenter v. United States will have far-reaching impacts, because it extends Constitutional protections to cell-site location information and not just to the actual content or words and sounds of a cellphone call or text message. That is, the Katz reasonable expectation of privacy test now applies Fourth Amendment protection […]
View the full article

Congress wants answers on FBI’s ‘going dark’ problem in wake of DOJ IG report (CyberScoop): Some members of Congress are challenging the FBI over its handling of the encryption battle with Apple, a recent article says. Several lawmakers wrote a letter to FBI Director Chris Wray stating their concerns over both the San Bernardino incident and […]
View the full article

DHS Might Provide Cyber Services Directly To Industry Under New Strategy (Nextgov): With a new DHS cyber strategy set to be released in the coming weeks, reports suggest that the agency could be taking on a new role in the cyber realm. DHS Secretary Kirstjen Nielsen described the new system as “security as a service” and […]
View the full article

The Encryption Debate Isn’t About Stopping Terrorists, It’s About Solving Crime (Lawfare): A post last week on Lawfare added to the ongoing debate over encryption but with a different focus. The author said that regardless of any flaws with third party (which means government, according to the author) access, the biggest problem remains traditional crime, not […]
View the full article

United States Cyber Command’s New Vision: What It Entails and Why It Matters (Lawfare): Yesterday, I posted a document from U.S. Cyber Command here. Dr. Richard J. Harknett wrote a piece assessing the document for Lawfare on Friday, in which he labels the strategy a significant evolution in both strategy and operations for cyber. Harknett lists […]
View the full article

This blog usually does not cover legislative proposals because they too often never progress through the process. But as Steve Vladeck first pointed out via tweet earlier this evening, the latest spending bill includes a provision worth addressing here. The Clarifying Lawful Overseas Use of Data Act (CLOUD) Act, addressed the use of stored data […]
View the full article

A few weeks ago, I wrote a post on the difference between cyber and information warfare and U.S. policy in this sphere. The idea was sparked by a lecture from Gen. Michael Hayden this past fall at Syracuse University, when I realized that many people have likely conflated these two concepts. Cyber operations can be […]
View the full article

Below is a report from the East West Institute titled “Encryption Policy in Democratic Regimes: Finding Convergent Paths and Balanced Solutions.” The organization’s own press release states that the report “provides nine normative recommendations on encryption policy to ensure strong cybersecurity while enabling lawful law enforcement access to the plaintext of encrypted information in limited […]
View the full article

Russia cyber attack on Germany a ‘form of warfare’ (The Telegraph): A story last week discussed a recent and then still ongoing cyber attack against Germany. The report said that while government officials weren’t saying much, many expect there to be a lot more damage than those officials were initially letting on. The story suggested that the […]
View the full article

The Supply Chain Problem A few weeks ago, an article from Nextgov, a website dedicated to “how technology and innovation are transforming the way government agencies serve citizens and perform vital functions,” described recent efforts by DHS to address cyber security risks as they relate to supply chains. The article quotes Jeanette Manfra, the head of […]
View the full article

APT37 (Reaper): The Overlooked North Korean Actor (FireEye): While everyone’s attention is on North Korea’s development of nuclear capabilities, a recent report says there is an overlooked cyber threat there, too. The report from FireEye calls the group APT37 (Reaper) and says its capabilities have grown in both scope and sophistication. Moreover, the report says with […]
View the full article